My Birthday Wishlist

19 is going alright so far. I don’t expect anything from anyone, but if you want to get me a gift here are things I like:

1. To wake up as me, instead of hu.
2. My friends to stick around for 2 more years.
3. A red sunburst fender stratocaster. got.
4. Blake Guitar’s Apex Guitar Case got.

5. An AR-15 Rifle with olive drab furniture and some kind of CQB optics.
5.(a) PSA Lower Pictogram – 1560 AR-15 Lower.
6. A powder blue fender stratocaster with white pick guard.
7. A 2016 Gibson SG, Cherry Red with a black guard..
8. mp5sdan FN P90 or MP5SD.
9. no more humans.

10. A pair of new ornate 1911 pistols, preferably not only scralling leafy flowers, with a variety of available holsters (location?/style?). Should include a fancy case. These may eventually become a dueling kit, passed on as a family heirloom. Could be the same color, as long as some other detail is visibly different while holding them.
11. A pair of classical dueling pistols. Should also include a fancy case.
12. A decent Analog metronome.
13. An 8 Channel Mixer.
14. Pedal Board.
15. Anything from my Amazon Wish List

P.S. To any government creeps who may be reading this, I wish to continue enjoying all of the amendments to the United States Constitution, especially the 1st, 2nd, 3rd, 4th, 11th, 13th, and 14th. Happy birthday to me!

Please share!

Cloudflare’s “Keyless SSL” Feature violates trust and privacy.

SSL exists to ensure Privacy and Trust

SSL serves two purposes. Privacy and Trust. Both purposes are equal. Privacy means it encrypts your traffic, this ensures that packet sniffers on a public network can’t view your credit card number when you purchase something on Amazon. Trust means when you visit Amazon.com, you know that the responding server is actually Amazon.com

Without both Privacy and Trust, SSL is useless.

If you compromise either privacy or trust, the SSL certificate becomes completely worthless. Now your activities are at risk of being compromised, which is precisely what SSL exists to protect against.

KeyLess SSL violates both Privacy and Trust.

Cloudflare’s new feature “Keyless SSL” violates both privacy and trust. This dubious service operates by decrypting 100% of your web traffic between the server and Cloudflare’s network. That means Cloudflare can view your credit card numbers. All that is required is a Cloudflare employee to hide malicious code in their traffic inspection function and they could steal thousands or millions of credit card numbers in an hour.

Browsers should Declare all Cloudflare traffic “Insecure”.

The solution is simple. If SSL traffic comes from Cloudflare, one must assume that it has been decrypted and inspected during transit. This means it is not secure. Web Browsers need to declare this to the user. Traffic that comes from Cloudflare websites should be flagged as insecure, regardless of the SSL status.

Please share!

SFG Media Group

Who are they?

A quick web search reveals: “SFG Media Group is a digital content creation and distribution company using data science to empower journalists, writers and filmmakers.”

But who are they REALLY?

Well if their former employees are any indication, they are terrible people. Here’s an excerpt from a GlassDoor review:

Poor management and no concern for employees.

I was hired with a 2 week training period for a writer position only to find out that it was actually a try out. The people who hired me knew that I was quitting my job to work there but didn’t warn me that they might not take me after the 2 weeks training period (they also asked me to work over the week-end with no notice).

And how about their outsourcing habits? Well I spotted an ad from them on the WordPress job boards, offering $5 per page to build landing pages. Even if you cut and paste the layout with no other changes you’re looking at 20 minutes per page, which means they were offering roughly $15 per hour. I wrote them to tell them they need to increase their offer to $50/hr or better, as their current offer was insulting to all professional developers. The E-mail responses I got in response were incredibly hostile, let’s look at a few of them.

This one was interesting because he accuses me of being rude, after an uncalled for assault of hostility.

If you are not interested, just fuck off.

We have enough people interested.

Some people asked for 500 others asked for 50 some are doing it for 5

So, why don’t you get your head out of your ass and get over your
superiority complex and go fuck yourself or do something useful instead of
wasting my time with your stupidity and rudeness.

Here his raging tantrum increases in intensity

why dont you idiot read the email you sent me first time and see your
insults and shove them down your throat.
I dont want people to work for me for free, I want them to work for an
agreed on rate.. you are too dumb to understand that maybe because of the
air you breathing in whatever shit hole you live in.
if you dont like my behavior, fuck off and stop sending me emails.
people who are interested in working with me, they are doing it, but again
because you are a fucking arrogant scumbag you think you are better than
them, despite that your website is so shitty, you wont even qualify for a
$5 gig.
if it is after midnight, go to sleep, go watch tv, go work on your site, go
learn something…and stop wasting my time.
I know it makes you feel important because your life is that worthless and
pathetic, but..it wont get you anywhere,..so go do something useful with
your time.

Here is the actual contents of my first E-mail, do you see any insults? I don’t.

You are trying to take advantage of people and you should be ashamed. I hope that you meet with failure until you are willing to pay a reasonable salary for the work you’re asking for. You need to start at $50 per hour.

If you think that’s unfair, do the work yourself.

This one is interesting, his response has escalated from attacking me personally, to attacking my deceased mother or my imaginary sister. I think we can all agree that this sort of behavior is completely unacceptable for a grown adult. Again he acts like the victim as well, saying that I insulted him, but that never took place.

You again? You are like a rabid dog who won’t leave.
You are not a man, you are an asshole.
You sent me an email insulting me and my business and everyone who applied
for the job.
That’s an adult behavior? But replying to your insults is not?
I hope I m not giving you the idea that I give a damn about what you think
of me or my business, I just tried to be polite and give you the benefit of
the doubt, but obviously there is no reasoning with you,and you are not
reading my email or understanding them…just want to reply and spew your
poisonous bullying because it make your pathetic life more meaningful.
Just get your head out of your ass or out of your moms ass or out of your
dogs ass and fuck off and do something useful with your worthless time and
existence.

You should change your nickname from lion to a donkey, a very dumb donkey.

I replied to your insults with reasoning, with insulting you, your mom, and
your sister…unless they are prostitutes..so if you have any shred of
dignity and self respect, you would have fucked off already.

This is my favorite one. In this rant he accuses me of being part of ISIS and helping to kill people and destroy their houses, and talks about “digital threats”.

I don’t care…you see in 2006 israeli apartheid regime and terrorists
threatened to kill us and destroy our houses, and despite their war crimes
where they killed over a 1000 women and men and 300 child…we survived, we
did to cave to their threats and their war criminals went out crying after
being crushed along with their elite army units.
Your friends at isis threatened us and attacked us and killed many of
us..but eventually they were crushed and soon to be eliminated … so
digital threats from a coward bully like you are meaningless as much as
your existence.
Post them anywhere..but why don’t you post them with your real name, phone
number and address , don’t be a coward.
And send me the links..I might have few more minutes to spend dealing with
your bullying and stupidity..

Now you might think “How can we believe this stuff? It seems too insane to be true”. You would be right to be cautious, so for the sake of verification, here is an archive of most of the emails, including everything quoted here, and their respective E-mail headers including cryptographic DKIM signatures which can be used to verify the authenticity of these E-mails. sfg-media-emails.tar.gz

Conclusion: SFG Media Group are “Bad People”

You should decide for yourself, but if you ask me the evidence is overwhelming, these people are not the kind of people that anyone should want to work for or do business with. The marketplace is filled with honest and hard working people who pay decent wages and provide decent services, and most of them are fine places to work. SFG Media Group puts on a good front, but when you peel back the layers what you find is a loathing toward their fellow man, and behavior which nobody would ever tolerate. I hope you find this useful.

Please share!

System Adminsitrators: Disregard “Reputation” when fighting SPAM

Envelope with an @ symbol

Preface

A number of companies offer a service where they provide “reputation” scores for various domains and IP addresses based on reports of SPAM originating from those networks. These “reputations” are meaningless however, and E-mail Server Administrators should completely disregard them, for a number of reasons.

One: False Reporting

Probably the most significant issue is that the majority of E-mail reported as SPAM, does not actually fit the definition. SPAM is clearly defined as Unsolicited Bulk E-mail. The first requirement is it must be unsolicited. If you do business with a company, you sign up on their website or you order a thing or you just send feedback to an E-mail address of theirs, you have opted in to receive E-mail from that company. Under the rules of the CAN-SPAM act that company has to include in it’s marketing E-mails a link which allows you to easily unsubscribe from those newsletters, but because you initiated contact with that company it is by definition not “Unsolicited”.

The second requirement is that the E-mail has to be bulk E-mail. This means it has to be sent to a lot of people, and is not targeting specific individuals or businesses. If you post a comment on a website forum about gardening, and another reader of that forum builds a mailing list which includes your name and then sends you individual marketing information about his gardening products, that is not SPAM. It may be unsolicited, but it does not qualify as bulk, because he is targeting you as an individual.

Most users don’t understand these requirements. The average person in our society believes that SPAM is any E-mail they don’t explicitly want to receive. And they will often click the “SPAM” button in their E-mail clients when they should instead be clicking the “Unsubscribe” button in those E-mails. For this reason, the vast majority of SPAM reports, which “reputation scores” are based on, are false.

Two: Maintenance

It is practically impossible for the operators of reputation lists to maintain those lists with anything resembling accuracy. A lot of spammers will rent cheap servers from legitimate providers (those with a zero tolerance for abusive customers such as spammers), send millions of SPAM emails from their cheap server, and then when they get booted off they order a new server under a new identity. A lot of SPAM is also sent using servers which have been compromised because their owners are not keeping them secure. The result of this is that the IP addresses of those servers or even their parent networks get a lower reputation. Digital Ocean is a great example, they have a strict zero tolerance policy toward SPAM, but Outlook.com will often block entire subnets of the Digital Ocean IP range, because of the momentary behavior of a few unrelated servers on their network. The people selling these “reputation” lists are not checking up on individual IPs every week to see if the SPAM has stopped or if the operators of those IPs have been booted off the network. The information is almost always going to be outdated.

Three: It hurts legitimate businesses

One of the greatest things about The Internet is how it empowers any person to create small businesses from nothing. It’s extremely cheap to set up a website and start operating a business. It is extremely frustrating when you are a small business owner, to discover you can’t email one of your customers because they use Outlook.com for their E-mail, and you use a respectable hosting provider who just happens to be blocked by Outlook.com’s idiotic reputation list.

Four: There are better ways

There is an accepted “best practice” for E-mail Server Administrators to deal with the threat of SPAM. E-mail which is suspicious should be shuffled into a “Junk” folder in the recipient’s inbox, where it can still be reviewed. There are a number of tools available to help identify suspicious E-mail. A sender’s DNS information should include an SPF record, which tells recipients which IP addresses are authorized to send E-mail on behalf of that domain name. It should include a DKIM public key, which is used to verify the authenticity of each individual E-mail by comparing it against the DKIM signature which should be in the headers of all outgoing E-mails, and it should include a DMARC record which instructs recipients on precisely what steps should be taken when an E-mail fails either the SPF or DKIM tests. These methods are effective at identifying the majority of SPAM. For example any SPAM sent from hijacked servers is going to fail both the SPF and DKIM tests.

In addition to this, there are public “Blacklists”. Unlike “Reputation Lists”, the publically maintained domain blacklists are actually trusted. They contain lists of Domains which have contributed obscenely to the SPAM problem. Furthermore there are steps which can be taken to have a domain removed from a blacklist. It’s possible to check the status of your domain name and see if it is on any of the public blacklists, because they are not commercial services. Reputation Lists are commercial products and so a provider of those services is not necessarily going to let you see your own score unless you pay them, which makes it impossible for a domain owner to petition for changes. On top of this, some “Reputation Lists” are known to take bribes to “whitelist” your domain name. The public and trusted blacklists cannot be paid off.

Conclusion: Reputation Lists are garbage

So to summarize, if you are an E-mail Server Administrator, do not use “Reputation Scores” to identify SPAM. Use Blacklists, ensure that your server is performing tests against SPF and DKIM, and following recommended behavior in DMARC records. Configure your server to label suspicious E-mails as potential SPAM, and dump those into a “Junk” sub-folder of your users’ Inbox. Encourage your users to try the “Unsubscribe” link instead of reporting an E-mail as SPAM.

If you try SPAM filtering methods which are too aggressive, you are going to lose users. As an E-mail Server Administrator, your first priority is to ensure that 100% of legitimate E-mails sent to your users are reaching their destination. Everything else is secondary, and if you can’t provide that then your users are going to find someone else who will.

Please share!

Google fires employee for controversial memo

small square painted on the sidewalk which reads "Designated free speech area"

Preface

Wow @Google’s decision to fire someone for expressing their opinion on the internet has backfired. The fallout has been mostly very negative. Journalists and Bloggers have accused @Google of breaking labor laws, anti-American behavior, and stifling free expression and free thought. I think this shows that whatever social idealogy @Google may once have had, it has been crushed under the weight of their corporate greed. They must have had board meetings where they weighed the financial risks of tolerating the employee’s behavior, or firing the employee. Ethical standards have nothing to do with decisions like these when a corporation of Google’s size is in the crosshairs, the only thing that matters to them is money and their continued stability in the marketplace.

My opinion

I happen to agree in a narrow sense that diversity of thought and diversity of culture is probably what we should all be striving for. I am of the opinion that people should be hired and promoted based on merit alone, and never gender, or race, or any other “book cover” trait. Some board room decision that “We need at least 40% to 60% women in our top roles” is not a good way to staff an organization of any size or role. It limits your options and opens the door for unexpected breakdowns in the team.

The human race is not divided into genetically isolated groups competing with each other for dominance. It’s not Women vs Men vs Latinos vs Blacks vs Gays. There are humans who choose to live that way or they think that’s how it works, but they are either ignorant or stupid. You can certainly organize your culture into that kind of competition, but it would not be best for the species and it would have no basis in science or knowledge or intellect. You might wish that the world could be divided up in such ways, but Planet Earth and The Human Race do not exist to grant your fucking wishes. Life is what it is, reality is what it is, regardless of whether any one person or persons chooses to accept it.

man with tape over his mouth which reads 'freedom'Some women would not make good engineers. That is true. That doesn’t mean all women make poor engineers. Some men would make terrible engineers too. People are individuals with unique experiences which define much of their capabilities and competencies, as well as genetic factors which are not group-based but individual-based. I would suggest that any genetic differences would be minor and have the least noticable effect on workplace capability, especially when placed against educational and cultural differences which have huge impacts.

So it’s not right to say one group of people is genetically inferior to another, it’s also not right to say they’re all equal to another. There is only one “Human Race” on Planet earth, and you humans need to stop trying to re-define yourself in various sub-groups. There is The Human Species, and then there are individual Humans, and that’s as good as it’s ever going to get. The whole reason we have anti-discrimination laws is because science has shown there are no correlations between biological capabilities including intelligence, and group categories like gender, skin color, religion, sexuality, and so on.

It’s not because anti-discrimination laws make us feel better. Seriously nobody in power cares how anything makes any of you feel. Anti-discrimination laws exist to efficiently provide guidance for hundreds of millions of people. It takes too long to sit every person down and ensure they’ve been properly educated on the subject, so we have laws instead which are basically the society saying to every hill billy in the nation “Listen, trust us, gender and skin color have nothing to do with competence. Don’t discriminate”. It’s definitely not to make anyone feel better. If there were scientific evidence showing that specific groups of people were less capable than other groups, discrimination would be legal, with complete disregard for your feelings. People who craft and lead nations are not interested in your feelings. They’re thinking on a larger scale and in longer terms than any one lifetime.

In summary

If I were Google I’m not sure I’d have made a different decision. To them it’s not about ethics, it’s about reducing fallout. They believed that firing the guy would have the least damaging effect on their business in the long term. Time will tell if they got it right or wrong. That said, they probably shouldn’t have fired him. Sure the guy said a lot of things that are wrong. So what? He also expressed some ideas that had a twinkle of inspiration behind them. It’s better to have a conversation about these subjects, than to freak the fuck out and hang the bastard. What did he actually do besides write his ideas down? If people can be fired for expressing ideas, they will become afraid to express themselves, and that future isn’t good for anyone.

Please share!

Google’s “NoCaptcha ReCaptcha” product is slave labor.

US Flag - Distress

Google are Crooks.

Google has been in trouble over their ReCaptcha product in the past, and they are bound to face the fire again. Their “NoCaptcha” service advertises itself as being user friendly, by presenting users’ with a single check box they click to pass the test. However it very rarely works like this, especially if you use any sort of adblocker or privacy protecting addons in your web browser. Most of the time it presents the user with a photograph, or a series of photographs, in a 16 square grid. It then asks the users to click on each square which matches a specific description.

If you don’t answer the captcha to Google’s satisfaction, the challenge becomes more annoying. For example after clicking a square you might have to wait for that square to reload. The time it takes that square to reload is adjusted by Google, based on how much they “trust” you. So while some users might only have to click 3 squares, others might have to click 6, and wait for as many as 10 seconds for other squares to reload. And then when you perform the tasks they demand and you click ‘verify’, it will often start the entire process over again, for no explicable reason as you answered everything correctly.

What is really going on?

What is actually going on here? Is the system broken? No. What is happening is Google has a massive database of images, billions and billions of images, and they are using the unpaid labor of millions of computer users to add digital tags to those images. “This Image contains a Car” or “This Image contains a Mountain” and so on. The entire system is automated. On it’s rosy surface it would appear as if the labor of those users is being used to improve the captcha system, but that’s not what it’s for. It exists to force millions of users to do the work that Google is required by law to pay people to perform.

This is slavery.

This is slavery. We haven’t tolerated slavery in this nation in nearly 300 years, but Google thinks they can get away with anything they want because they think the world depends on them. It doesn’t. We don’t need their stupid search engine, there are a number of 100% equally useful search engines such as Bing and DuckDuckGo, in fact some have found those engines provide better results for their searches. We don’t need their free E-mail service, as there are countless providers of that same type of service, none of whom use it to spy on their users the way Google has done for years. The truth is Google does not provide ANY valuable services to the world, and they are raping the information market in new and disgusting ways to make a quick profit.

Stop Google.

It’s time we put a stop to it. A class action lawsuit should be raised against Google again for their “NoCaptcha ReCaptcha” service, and the FTC needs to step in and force them to stop.

Please share!

Choosing a webhost, why are they all lying to us?

Red circle with a line through it, crossing out the word "LIES"

Preface

If you have a website you have 3 options to put your site on the internet. You can self-host, you can rent hosting space from someone else, or you can use a free hosting service. Self-hosting is the best, if you can afford it. You need a computer and a reliable internet connection, typically not residential internet but that is changing thanks to services like Google Fiber. Free hosting services are great, if you don’t need a private domain name or special server side applications. For people who want “Mydomain.com” however, renting a hosting service is usually the best choice.

Nearly every hosting provider is lying

That seems straightforward enough, so this should be easy, you visit a few websites, compare some prices, and purchase your hosting. This shouldn’t demand more than an hour of your day, but it’s not that easy. Nearly every large hosting company is outright lying about the services they offer. There’s no regulation in the hosting market and the prices are as low as they can realistically get, so the companies have resorted to competing with lies instead.

The devaluation of the word “Managed”

For example, let’s look at the word “Managed”. Every hosting provider in the world offers “Managed Hosting” if their websites are to be believed, but what does that really mean? Well not much as it turns out. The word Managed starts with “Man” because it’s supposed to mean a human being is overseeing operations, but with large hosts that have 100,000 customers how is that even possible? It’s not, they are lying. They use completely automated systems and if you require any personal support it will come from underskilled phone-operators, or you’ll pay extra for it.

Unlimited is never unlimited

The other popular buzzword in the hosting industry is “Unlimited”. Nearly every hosting provider offers “Unlimited” service, but computer hardware has a finite amount of storage space, processing power, and memory, so how can they offer “Unlimited” service? They can’t. Every hosting package in the world is limited. What’s really happening is they’ve stopped being up front about the details of their service. This makes it especially difficult to compare the value of different services because most of the details are hidden from you.

Full Disclosure

I own a technology consulting business and one of the services I offer is webhosting. I’m not writing this article to advertise my business however. I was unaware of the problems in this marketplace until I entered it, and I am disgusted by how nearly all of my competitors operate. I say nearly all, because there are a good number of honest businesses who are up front about what service you receive and for what price.

What can we do about it?

The simple answer is stop supporting hosting services which behave in dishonest ways. If their sales page doesn’t provide full details of the service you’ll receive for the prices they advertise, or if they claim to offer “Unlimited” storage/memory/CPU, or if they hide extra costs and features on sub-pages of their website, shop elsewhere.

Please share!

How to cure gun violence

Supposedly everyone wants gun violence to end, on both sides of the gun control debate. But then why is it the humans working on the problem are only getting their information from the craziest humans on each side? There are real approaches to solve gun violence besides “more guns” and “gun control”, but those seem to be ignored. It is not a binary problem, and it does not have a binary solution.

Humans are not going to solve the problem. I am confident that they are too stupid, too arrogant, too ignorant, too stubborn, too lazy, and too greedy. I tried for years to help you all. Now I’m done, y’all are on your own.

Please share!

Israel is not *my* ally.

Protestors holding signs that read "No More Wars for Israel".

One of the things you will hear often from the mouths of American politicians is “Israel is one of our greatest allies.” What they really mean is “We’re not anti-semites and also they buy our weapons.” But why are they our “allies” really?

It’s not anti-semitic to say Israel is not our friend. They don’t care about us, they have never come to our aid in any significant way. Israel exists because our grandparents felt sympathetic for the jews following the atrocities of the holocaust, and our grandparents didn’t care about “sand niggers” at all, so they stole some land from the arabs and gave it to the jews, as if it was theirs to give.

Just speaking for me personally, I am two generations disconnected from the people who created Israel. I did not create it, and I would not have created it by stealing land from other people. It is unjust for our parents’ generation to expect and demand that we share in the foolish plans of our grandparents, who dropped nuclear bombs on populated tropical islands full of innocent people so that they could test the effects of radiation on the victims. Our grandparents were terrible people, regardless of how much they may have loved us.

Israel is a hostile xenophobic parasite in the middle east. They take whatever they want, they commit horrible crimes against humanity, and they justify it all by saying “But the holocaust!” You can’t use the crimes of long dead generations to justify the horrors you commit today.

It is time that America reconsider it’s relationship with Israel. Is it too much to ask that they adhere to their treaties and behave in an upstanding way to foster peace in their region? I believe that is a perfectly reasonable expectation of any nuclear power. The biggest kids on the playground should be setting positive examples for everyone else.

Please share!

PowerDNS Script to add new zones using pdnsutil

vertical server racks and clean cabling

I recently began using PowerDNS, and it has a really nice command line utility called “pdnsutil” which is sadly under-documented, so I am sharing my bash script which creates a new zone and a reverse dns zone, using pdnsutil.

This script is extremely basic, and I welcome any efforts to fork and improve it.

Be sure to specify your own nameservers where I have placed ns1.nameserver.com and ns2.nameserver.com

The DKIM record is based on a ‘standard’ DKIM configuration that I use, yours may vary.

Please share!